-
McConahy, Renee Margaret authoredThis caused a problem with the LOCKSS 2.0-alpha2 configuration, where LOCKSS_ACCESS_SUBNET used semicolons to separate values, but it should be done generally.
McConahy, Renee Margaret authoredThis caused a problem with the LOCKSS 2.0-alpha2 configuration, where LOCKSS_ACCESS_SUBNET used semicolons to separate values, but it should be done generally.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
main.yml 5.84 KiB
---
- name: Prevent changing GID of existing group.
block:
- name: Get groups.
getent:
database: group
- name: Assert that lockss group GID has not changed.
assert:
that:
"'lockss' not in ansible_facts.getent_group or
ansible_facts.getent_group.lockss[1] == lockss_gid | string"
fail_msg: GID must be corrected manually.
quiet: yes
when: lockss_gid is defined and lockss_gid is not none
- name: Add the lockss group.
group:
name: lockss
state: present
gid: "{{ lockss_gid | default(omit) }}"
- name: Prevent changing UID of existing user.
block:
- name: Get users.
getent:
database: passwd
- name: Assert that lockss user UID has not changed.
assert:
that:
"'lockss' not in ansible_facts.getent_passwd or
ansible_facts.getent_passwd.lockss[1] == lockss_uid | string"
fail_msg: UID must be corrected manually.
quiet: yes
when: lockss_uid is defined and lockss_uid is not none
- name: Add the lockss user.
user:
name: lockss
state: present
uid: "{{ lockss_uid | default(omit) }}"
group: lockss
shell: /sbin/nologin
home: /
create_home: false
comment: LOCKSS
- name: Add the lockss user to the docker group.
user:
name: lockss
state: present
groups: docker
append: true
- name: Configure the firewall.
include_tasks: firewall.yml
when: lockss_configure_firewall
- name: Check the storage driver used by Docker.
command:
cmd: docker info -f {% raw %}'{{.Driver}}'{% endraw %}
check_mode: false
changed_when: false
register: r
- name: Ensure Docker is using the OverlayFS storage driver.
assert:
that: r.stdout == "overlay2"